Target Operating Model (TOM)

Describes the NHS Digital self-certification tool known as the Target Operating Model (TOM)

SMSP Target Operating Model

Connecting to PDS via SMSP relies on Suppliers and End Users completing the NHS Digital self-certification tool, known as the Target Operating Model (TOM). The purpose of the Target Operating Model (TOM) is to inform and assist End User organisations with the implementation of SMS integrated systems within their local environment. It provides an assessment framework of their responsibilities in terms of ensuring that their local system meets the technical, IG, Clinical safety and functionality required for the business context. The TOM is included within the Requirements Pack.

When complete, the TOM becomes a record of self-certified statements of compliance with the guidance and requirements of the SMSP service.

It is the Supplier’s responsibility to support the End User in completing the TOM and submit the document to NHS Digital. The exception to this is where the Supplier is applying for Technical Conformance only (e.g. because they do not wish to deploy the Client to an End User straight away). In this case they will complete the Technical Conformance steps independently to progress through ITK Conformance for their Client and partially complete the TOM. As soon as an End User is identified, they will complete the TOM in full and follow the end-to-end compliance process, including Usage and Settings approval. Therefore an End User could receive an already conformant product from a Supplier but each different End User must complete a TOM. This is because the purpose and use of the data, along with the system setting, must be evaluated and approved by NHS Digital on a case-by-case basis.

Completing the TOM

The TOM is currently presented in a form of a workbook, split into logical sections. Guidance on completing the TOM is included in the TOM and further support is available from NHS Digital. Two illustrative development scenarios, describing how the TOM is completed, are provided here.

The TOM is typically completed in three phases although in reality some of these can be done concurrently:

Phase 1a: Usage and Settings information provided to NHS Digital for approval. The approval is inserted in the TOM by the Demographics Team and the TOM is returned to the Supplier.

Phase 1b: Technical Conformance information provided to NHS Digital for approval. The Supplier updates (with the End User where appropriate) and completes the self-certifying statements around IG and security, Clinical Safety (if required) and the SMS Client requirements. This is submitted along with the Supplier Certified Requirements document which provides additional, ITK specific self-certifying statements. Both the statements of self-certification (in the TOM and spreadsheet) and positive test evidence are needed for the ITK Conformance Certificate.

Phase 2: End User Approval. Once the ITK Conformance Certificate has been granted, the ITK Conformance team will insert the certificate number in the TOM and send the TOM and the certificate to the Supplier. They will also send an End User approval email to the Supplier; this email is for the End User to complete and indicate approval and acceptance of the Service, as developed by the Supplier, requiring a full assessment of the information in the TOM by the End User organisation. This also indicates the End User organisation’s readiness for deployment. The Supplier obtains this approval from the End User and submits the End User approval email and finalised TOM to the ITK Conformance team.

Once the NHS Digital approvals have been obtained, the End User confirms acceptance of the Service, as developed by the Supplier via email. The TOM then forms part of the legal agreement between NHS Digital and the Supplier and End User.

Note: Once Technical Conformance has been obtained, the TOM will typically remain largely unchanged (in terms of the risks/mitigations identified) for subsequent deployments, hence new deployments will simply require the new End User organisation’s details and any local context changes to the assessment.